| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aRRYzb2FxHzpKhms@redhat.com> Date: Wed, 12 Nov 2025 10:52:13 +0100 From: Oleg Nesterov <oleg@...hat.com> To: Bernd Edlinger <bernd.edlinger@...mail.de> Cc: Christian Brauner <brauner@...nel.org>, Alexander Viro <viro@...iv.linux.org.uk>, Alexey Dobriyan <adobriyan@...il.com>, Kees Cook <kees@...nel.org>, Andy Lutomirski <luto@...capital.net>, Will Drewry <wad@...omium.org>, Andrew Morton <akpm@...ux-foundation.org>, Michal Hocko <mhocko@...e.com>, Serge Hallyn <serge@...lyn.com>, James Morris <jamorris@...ux.microsoft.com>, Randy Dunlap <rdunlap@...radead.org>, Suren Baghdasaryan <surenb@...gle.com>, Yafang Shao <laoar.shao@...il.com>, Helge Deller <deller@....de>, "Eric W. Biederman" <ebiederm@...ssion.com>, Adrian Reber <areber@...hat.com>, Thomas Gleixner <tglx@...utronix.de>, Jens Axboe <axboe@...nel.dk>, Alexei Starovoitov <ast@...nel.org>, "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, linux-kselftest@...r.kernel.org, linux-mm@...ck.org, linux-security-module@...r.kernel.org, tiozhang <tiozhang@...iglobal.com>, Luis Chamberlain <mcgrof@...nel.org>, "Paulo Alcantara (SUSE)" <pc@...guebit.com>, Sergey Senozhatsky <senozhatsky@...omium.org>, Frederic Weisbecker <frederic@...nel.org>, YueHaibing <yuehaibing@...wei.com>, Paul Moore <paul@...l-moore.com>, Aleksa Sarai <cyphar@...har.com>, Stefan Roesch <shr@...kernel.io>, Chao Yu <chao@...nel.org>, xu xin <xu.xin16@....com.cn>, Jeff Layton <jlayton@...nel.org>, Jan Kara <jack@...e.cz>, David Hildenbrand <david@...hat.com>, Dave Chinner <dchinner@...hat.com>, Shuah Khan <shuah@...nel.org>, Elena Reshetova <elena.reshetova@...el.com>, David Windsor <dwindsor@...il.com>, Mateusz Guzik <mjguzik@...il.com>, Ard Biesheuvel <ardb@...nel.org>, "Joel Fernandes (Google)" <joel@...lfernandes.org>, "Matthew Wilcox (Oracle)" <willy@...radead.org>, Hans Liljestrand <ishkamiel@...il.com>, Penglei Jiang <superman.xpt@...il.com>, Lorenzo Stoakes <lorenzo.stoakes@...cle.com>, Adrian Ratiu <adrian.ratiu@...labora.com>, Ingo Molnar <mingo@...nel.org>, "Peter Zijlstra (Intel)" <peterz@...radead.org>, Cyrill Gorcunov <gorcunov@...il.com>, Eric Dumazet <edumazet@...gle.com> Subject: Re: [PATCH v17] exec: Fix dead-lock in de_thread with ptrace_attach On 11/11, Bernd Edlinger wrote: > > On 11/11/25 14:12, Oleg Nesterov wrote: > > On 11/11, Bernd Edlinger wrote: > >> > >> Well when this is absolutely not acceptable then I would have to change > >> all security engines to be aware of the current and the new credentials. > > > > Hmm... even if we find another way to avoid the deadlock? Say, the patches > > I sent... > > > > Maybe, but it looks almost too simple ;-) > > 164 sleep(2); > 165 /* deadlock may happen here */ > 166 k = ptrace(PTRACE_ATTACH, thread2_tid, 0L, 0L); > > what happens if you change the test expectation here, that the > ptrace may fail instead of succeed? > > What signals does the debugger receive after that point? > Is the debugger notified that the debugged process continues, > has the same PID, and is no longer ptraced? Ah, but this is another thing... OK, you dislike 3/3 and I have to agree. Yes, de_thread() silently untraces/reaps the old leader and after 3/3 debugger can't rely on PTRACE_EVENT_EXIT, so unless the debugger has already attached to all sub-threads (at least to execing thread) it looks as if the leader was just untraced somehow. OK, this is probably too bad, we need another solution... Oleg.
Powered by blists - more mailing lists